AFFLIB could be made to crash if it opened a specially crafted
file.
Software Description:
- afflib: Advanced Forensics Format Library
Details:
Luis Rocha discovered that AFFLIB incorrectly handled certain input files.
If a user or automated system were tricked into processing a specially
crafted AFF image file, a remote attacker could possibly use this issue
to cause a denial of service via application crash. (CVE-2018-8050)
The problem can be corrected by updating your system to the following package versions: Ubuntu 18.04 LTS (Available with Ubuntu Pro): afflib-tools 3.7.16-2ubuntu0.1~esm1 libafflib0v5 3.7.16-2ubuntu0.1~esm1 Ubuntu 16.04 LTS (Available with Ubuntu Pro): afflib-tools 3.7.7-3ubuntu0.1~esm1 libafflib0v5 3.7.7-3ubuntu0.1~esm1 In general, a standard system update will make all the necessary changes.
https://ubuntu.com/security/notices/USN-6518-1
CVE-2018-8050
Get the latest Linux and open source security news straight to your inbox.